Eliot Lear <[email protected]> wrote: > Could we recap a bit on this? I have commented on the use of the > rfc822Name myself, and was a bit concerned about misuse and > misinterpretation prior to rfcSELF being present.
The rational for rfc822Name (which I fought against 4 years ago), is that:
a) it gets through existing CA infrastructure without changes
b) the human presentation format is *the* format
If ACP needs to wait for upgrades to the Enterprise CA that nobody wants to
touch, because it's voodoo, then ACP is dead. This is hard enough to get
deployed as it is.
> Now that it is it represents a new convention. The question at hand is
> whether the information found on the LHS could be subject to
> misinterpretation by non-participants. I wonder if we could add an EKU
> as a SHOULD to break the logjam.
Because EKUs are so much easier to get into CAs than otherName is?
Seriously, how does that help at all?
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
